adamyordan / offbyslash-django-dumper
A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.
☆24Updated 2 years ago
Alternatives and similar repositories for offbyslash-django-dumper:
Users that are interested in offbyslash-django-dumper are comparing it to the libraries listed below
- Collection of different exploitation scenarios of JWT.☆21Updated 3 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 7 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!☆33Updated 6 years ago
- Alpha version code of Recon UI☆14Updated 7 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆46Updated 6 years ago
- The Recon scanning tool scans websites for open files & directories specified in the custom config file. Default server configuration fil…☆15Updated 7 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆27Updated 6 years ago
- This is the Go Server that relays all HTTP requests and responses between clients.☆27Updated last year
- PHP tool to test XSS☆22Updated 5 years ago
- burp extender for fuzzing☆10Updated 6 years ago
- ☆32Updated 5 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- Simple burp extension for routing traffic over tor. It instruments tor to switch to a new circuit after every N requests.☆19Updated 2 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆24Updated 5 years ago
- A Mozilla Firefox extension which allows quick access to your google-dorking result☆19Updated 4 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Updated 4 years ago
- Clickjacking PoC Generator☆35Updated 4 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆40Updated 6 years ago
- This is a small extension to make graphql readable☆30Updated 6 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 5 years ago
- Simple webinterface combining different recon tools.☆12Updated 7 years ago
- Burp extension to generate multi-step CSRF POC.☆30Updated 5 years ago
- Burp Intruder File Payload Generator☆18Updated 5 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- RAS(RAndom Subdomain) Fuzzer☆42Updated 5 years ago
- A companion repo to accompany detailed guides and YouTube content to allow users to follow along☆13Updated 4 years ago
- Extract subdomains from rapiddns.io☆23Updated 2 years ago
- ☆20Updated 5 years ago
- Scripts for OSCE☆18Updated 6 years ago